Posts

I really hate hearing from customers and prospective customers that we were right and that they wish they had taken our advice to harden their systems and implement tighter security controls before their breach. Feedback from customers suggests the inconvenience of implementing additional controls is often what keeps them from taking action as opposed to the cost, which is negligible for some of the most effective controls like Multi-Factor Authentication (MFA). If you think the controls are inconvenient, you should spend some time visiting with someone who has been through a breach.

The most likely cyber-attack a small business will experience is an email breach which quickly lead to real payment fraud losses, reputational damage, and compliance risk. Once a criminal organization (yes, there are organizations attacking your small business) has success breaching one email account, you can expect the attacks to increase in volume and sophistication. Businesses can dramatically reduce email breach risk with relatively little cost and yes, some minor inconvenience.

Take the Next Steps

If you own a business or have are responsible for managing business risk, you need to take steps to protect your business, your shareholders, your employees, your vendors, and most importantly your customers. You must take action to implement additional controls. Start by asking your IT professionals to implement controls for yourself so you can understand first-hand how the controls protect your business and the level of inconvenience the controls may cause. This puts you in the best position possible to make informed decisions about how to protect your business and champion initiatives to tighten controls.

If you’ve done nothing to date, start with implementing MFA for your business email and then work with an IT professional to constantly review and improve security controls around all your systems and data.

I’m right and I hope I never have to tell you “I told you so”.

Your credentials can be phished, period.  If you think you’re above being phished, you’re wrong.  We all have weak moments and the criminals are really good at praying on our whims and emotions.  Trust me, you can be phished.  Don’t put so much pressure on yourself.  Implement multi-factor authentication (MFA) wherever possible to protect your accounts even if you are phished.  This is so important that we put together a video to show you how.  Watch this video.  Please just give us a call if you want help or want to discuss additional configuration options to ease implementation for your business.  We will be happy to help.

If you don’t know anything about Office 365 Multi-Factor Authentication please check out our blog and video from December 2017 for a complete overview https://www.gowestit.com/office-365-multi-factor-authentication.

 

 

Your business is vulnerable to cyber criminals, period.

The truth is that no business is fully “secure”. Rather, businesses assume various amounts of acceptable risk. Your responsibility is to figure out where your organization lies on the security spectrum, how much cyber risk you are willing to comfortably assume, and continually act to reduce your risk to those levels.

We understand that most businesses, especially SMB’s, can’t and won’t do everything their IT provider may recommend. This is true for a myriad of reasons including operational efficiency, timing, focus on your core business, and of course budget considerations. We also believe that most businesses do not realize the amount of risk which they current assume. If you did, you would likely already be doing more!

To this end, Go West IT has developed our “Top Ten Task to Mitigate Cyber Risk”

Review your security posture with your current IT provider and discuss how to implement the next best thing you can do to reduce your risk (HINT: If you’ve done nothing to date, start with backups, patching, and multi-factor authentication). If you need help please give us a shout, our experts will help you recognize, plan, and take the steps to mitigate your risk.

Understand where you are today… know where you want to be tomorrow… build the roadmap to get you there. You can reduce your risk, get started today!

David Lewien
President, Go West IT

Download the PDF: Top Ten Tasks to Mitigate Cyber Risk
303-795-2200
info@gowestit.com
www.gowestit.com

Something You Know + Something You Have

One of the easiest ways to increase your security profile is to utilize multi-factor authentication (MFA).  MFA is just like it sounds, more than one form of authentication is required to access a system.  In most cases this is your normal login credentials (username & password), as well as an additional form of authentication such as the use of a randomly generated passcode or hardware token.

This is a vital form of additional security for Office 365 users, as access to your O365 login credentials opens the door for someone to not only gain access to your email but also potentially your documents (OneDrive), file sharing (SharePoint) and perhaps your entire VOIP phone system (Skype for Business).  If MFA is enabled, despite the criminal having your login credentials, they would most likely not have access to the additional device containing the MFA passcode.

The best part?  It’s free!  Basic MFA is included with your Office 365 licensing at no extra charge but must be enabled.

Please watch the following presentation by David Lewien, President of Go West IT, to learn more about Office 365 MFA, view examples of how it works and additional considerations to keep in mind.  If you are interested in enabling MFA please contact us today at 303.795.2200 or info@gowestit.com.